漏洞标题 CVE-2012-2122: MySQL - Authentication Bypass 漏洞描述 sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x be...

漏洞标题 CVE-2022-22897: PrestaShop AP Pagebuilder <= 2.4.4 - SQL Injection 漏洞描述 A SQL injection vulnerability in the product_all_one_img and image_product parameters of the...

漏洞标题 CVE-2025-24752: Essential Addons for Elementor < 6.0.15 - Cross-Site Scripting 漏洞描述 A Cross-Site Scripting (XSS) vulnerability exists in Essential Addons for Elemen...

漏洞标题 Apache APISIX 默认密钥漏洞（CVE-2020-13945） 漏洞描述 Apache APISIX是一个高性能API网关。在用户未指定管理员Token或使用了默认配置文件的情况下，ApacheAPISIX将使用默认的管理员...

漏洞标题 CVE-2015-6477: Nordex NC2 - Cross-Site Scripting 漏洞描述 Nordex NC2 contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script cod...

漏洞标题 CVE-2016-15042: WordPress Frontend File Manager < 4.0 & N-Media Post Frontend < 1.1 - Arbitrary File Upload 漏洞描述 The Frontend File Manager plugin (<4.0) a...

漏洞标题 CVE-2014-8682: Gogs (Go Git Service) - SQL Injection 漏洞描述 Multiple SQL injection vulnerabilities in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.x before 0.5.6.1105 B...

漏洞标题 CVE-2022-36883: Jenkins Git <=4.11.3 - Missing Authorization 漏洞描述 Jenkins Git plugin through 4.11.3 contains a missing authorization check. An attacker can trigger ...

漏洞标题 Apache OFBiz webtools/control/ProgramExport 远程代码执行漏洞（CVE-2023-51467） 漏洞描述 Apache OFBiz 在 webtools/control/ProgramExport存在代码执行漏洞，攻击者可通过该漏洞...

漏洞标题 CVE-2021-26084: Confluence Server - Remote Code Execution 漏洞描述 Confluence Server and Data Center contain an OGNL injection vulnerability that could allow an authentica...

漏洞标题 CVE-2015-4668: Xsuite <=2.4.4.5 - Open Redirect 漏洞描述 Xsuite 2.4.4.5 and prior contains an open redirect vulnerability, which can allow a remote attacker to redirect...

漏洞标题 CVE-2023-38646: Metabase < 0.46.6.1 - Remote Code Execution 漏洞描述 Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to exe...

漏洞标题 CVE-2018-10383: Lantronix SecureLinx Spider (SLS) 2.2+ - Cross-Site Scripting 漏洞描述 Lantronix SecureLinx Spider (SLS) 2.2+ devices have XSS in the auth.asp login page. ...

漏洞标题 CVE-2022-43140: kkFileView 4.1.0 - Server-Side Request Forgery 漏洞描述 kkFileView 4.1.0 is susceptible to server-side request forgery via the component cn.keking.web.cont...

漏洞标题 CVE-2023-30777: Advanced Custom Fields < 6.1.6 - Cross-Site Scripting 漏洞描述 Advanced Custom Fields beofre 6.1.6 is susceptible to cross-site scripting via the post_s...

漏洞标题 CVE-2017-9791: Apache Struts2 S2-053 - Remote Code Execution 漏洞描述 Apache Struts 2.1.x and 2.3.x with the Struts 1 plugin might allow remote code execution via a malici...